Static task: static1
Behavioral task: behavioral1
Sample: hareketleriniz.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: hareketleriniz.exe
Resource: win10v2004-20241007-en
General
Target: 6762dd5d2f557b0ddd1ae3e6871146951ac24085644ca58713f438a62a069d1a
Size: 2.5MB
MD5: b72ca8ce3fc6dec37f0ff8ac2130ee5f
SHA1: 101b776cb78b7d9d85c14fece2161c006c438b83
SHA256: 6762dd5d2f557b0ddd1ae3e6871146951ac24085644ca58713f438a62a069d1a
SHA512: 7ff63719af204cb7787dd5f18e7c7ec1c0ba241f69340f81cc77218c1885ef6aee2a628b114a9da37e4656f649d965a307508c57019cfd1f50cb08d12389e815
SSDEEP: 49152:g1ohr/zzKt5qEfZTZHbQ91p7qXbyR/4QrDC/ZDwsPLo56+RKQ9SnmFJzLwn:gw/zzKt5qEfpZ67eyCwGbPLmBSnown
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/hareketleriniz.exe
Files
6762dd5d2f557b0ddd1ae3e6871146951ac24085644ca58713f438a62a069d1a.zip
hareketleriniz.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 4.5MB - Virtual size: 4.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 473KB - Virtual size: 473KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ